DETAILED ACTION

Response to Arguments 

Applicant's arguments filed 8-8-2007 have been fully considered but they 
are not persuasive. 

1. Pages 12-16 of the amendment are a synopsis of the art.

2. Regarding the arguments found on pages 16 thru 23, it appears that the 
applicant has analyzed most, if not all, of the rejection (and art) in a piecemeal fashion. 

In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the rejections 
are based on combinations of references. See In re Keller, 642 F.2d 413, 208 
USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 
1986). Much of what the argument(s) found on the identified pages just shows how the 
art differs but does not address the "combination" of the art. 

To summarize the claim, it merely states a method whereby a roaming mobile 
can request and receive the address of a nearby certificate provisioning gateway. 

Tsuda clearly teaches mobile network with mobile roaming to/between 
home/foreign networks and authentication (eg. via AAA) and ability to use certificate 
servers but he does not disclose using the location of the mobile and/or storing the 
location or receiving a request from the mobile for the CA provisioning gateway. 

The examiner put forth Kim who teaches that BTS ID's provide information as to 
where a mobile is located (eg. the ID provides LAT/LONG info). Lee was used to 
disclose nomadic roaming whereby a user can connect to a visited network and 
requesting/receiving information about this new network (eg. its location and connection 
information such as servers, authentication, certificates, etc.). 

Therefore, the examiner's USC 103 combination reads on the applicant's claims 
and rebuts the arguments since one skilled would automate the location determination 
of a mobile such that said mobile can either request (or receive automatically) any/all 
pertinent network information (eg. home, foreign, servers, AAA, Certificates, etc), while 
they move. The examiner is not swayed and upholds his rejection. 

3. Regarding the arguments for claims 5, 9 and 23, these are based on the
above arguments and the examiner continues to uphold his rejection. 

4. In the examiner's opinion, the claims disclose only broad concepts and thus 
allow him to broadly interpret the concepts. Amending the claims with further details 
may provide for a more favorable outcome. 



Claim Rejections - 35 USC § 112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

Claim 38 rejected under 35 U.S.C. 112, first paragraph, as based on a disclosure 
which is not enabling. Use of a AAA server appears to be critical or essential to the
practice of the invention (see figures), but not included in the claim(s) is not enabled by 
the disclosure. See In re Mayhew, 527 F.2d 1229, 188 USPQ 356 (CCPA 1976). 

The examiner asks for where in the specification (and figures) is there a 
description that does not require using an AAA server (?). 

Unless supported by the specification, this claim can be considered new
matter.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1, 4, 6-8, 10-21 and 27-38 rejected under 35 U.S.C. 103(a) as being
unpatentable over Tsuda and further in view of Kim and Lee et al US 6,751,459.

As per claims 1, 4, 6, 14, 21, 27-28 and 30, Tsuda teaches a method for 
transmitting, to subscriber's user equipment, information required (eg. for a certificate 
issuance service in another network than a home network. See figure 10 shows mobile 
user registering with a foreign agent in a non-home network) in mobile communication 
system (title, abstract and figure 1 show a system that allows a user to be authenticated 
to roam to various networks and use services whereby AAA information is transmitted 
to/from a user's device), the method comprising: 

authenticating the subscriber (see figure 6, Step 2 and figure 10 which shows an 
authentication procedure); and transmitting to the user equipment at least part of the 
information required for obtaining the certificate in the other network (see figure 10) 
during the subscriber authentication (figure 10 shows overall procedure whereby data is 
sent to/from the mobile's AAA-H/AAA-V servers in order to authenticate said user as he 
roams. Figures 10-11 show mobile authenticating with AAA and P#186 discusses use 
of certificate issuance via certificate authority). 

Tsuda also teaches a Mobile IP network (figure 1 shows a mobile user who has 
roamed from a home network #1001/#1010 to a visited network #1002/#1010 
connected via IP which inherently subnets a network into smaller networks and their 
location is known based on where the engineer has positioned the local access 
router/BTS). Further the mobile network maintains user location in an HLR and Tsuda 
teaches both home and foreign networks (P#67 and P#71) which inherently describes 
the concept of knowing where the user is (eg. maintaining a subscriber's location in the
network) since it is either in the (one) home network or in any of other foreign networks 
(see figure 18 which shows multiple foreign subnets, #1002/#1004); 

But is silent on where the subscriber currently is located in a mobile 
communication system AND the method comprising: maintaining in the mobile 
communication system subscriber's location information and determining based of the 
subscriber's location and receiving a message from subscriber's user equipment, 
indicating that an address of a certificate provisioning gateway for certificate issuance 
and delivery procedure in a visited network is requested by the subscriber's user 
equipment, the certificate provisioning gateway serving at least one certificate authority.

Kim teaches "...FIG. 5 illustrates a base station system parameter database mounted on 
the home-zone service center 170. As shown in the drawing, the base station system parameter 
database stores every base station's inherent ID(Bts id), location information of each base 
station like latitude and longitude, information about each sector like angle, system delay, and 
service range (angle, s_delay, svc_ran), exception range (exp_ran), change filed (change) and so 
forth. Before explaining about the exception range, it should be understood that the base stations 
located within the designated distance from the subscriber's residence regard (or decide) all 
sectors as a service sector. Here, the exception range is a value necessary for establishing the 
designated distance through which the base stations made the decision aforementioned...", 
(P#40) which shows that the location of each BTS is known (eg based on LAT/LONG) 
and would provide Tsuda with the location of the foreign agent/access router's location 
and hence, the location of the mobile unit it is communicating with. 

Furthermore, Lee teaches an "automated process" to enable nomadic roaming 
such that a user can request connectivity to a device whereby an agent determines the 
user has roamed into a visited network and translates the request into a connection to a 
new, similar device (Abstract). This alleviates the need for the user to track/determine if 
they have roamed into a visited network and then request a new device address. 

With further regard to claims 1 and 4, Tsuda teaches a mobile user roaming 
(see figure 10) and requiring a connection between foreign and home AAA servers (eg. 
certificate provisioning servers/gateways which provide provisioning serving at least one 
certificate authority. Furthermore, Lee shows that an automatic process whereby the 
mobile is updated with pertinent connectivity information as it roams, and 
AAA/Certificate servers would be included), which inherently will pass the address of
the foreign node serving the mobile unit 

With further regard to claims 6 and 14. Tsuda/Lee teach information including 
at least one from a group of the address of the AAA/Certificate server (eg. see both 
Tsuda and Lee above, who teach a foreign AAA server and automatic download of 
pertinent information, eg. said AAA server's address) and/or the certificate provisioning 
gateway serving the certificate authority (eg. Tsuda and Lee teach determining the 
AAA-F server's identity/address) 

With further regard to claim 14, Tsuda teaches authentication via AAA servers 
(figure 10) for the purpose of roaming to other foreign networks and using services 
there, see figure 4 and P#69). 

With further regard to claim 27, Tsuda teaches using an authenticated channel 
via encryption (P#135). 

It would have been obvious to one skilled in the art at the time of the invention to 
modify Tsuda, such that where the subscriber currently is located in a mobile 
communication system AND the method comprising: maintaining in the mobile 
communication system subscriber's location information and determining based of the 
subscriber's location, to provide means for utilizing the user's location to assist with the 
authentication process to quickly identify which area the user has roamed to and what 
services may be available there. 



As per claim 7, Tsuda teaches claim 6, further comprising, performing the 
authentication is an application level authentication (figure 10 shows the process by 
which the user's authentication "program" communicates with other AAA server 
programs for authentication. Also see figure 11 and figures 12a-d which show packet
layout. Hence the examiner interprets Tsuda's design as the AAA process being an
application level authentication since it "rides on top" of the Mobile IP layer).

As per claim 8, Tsuda teaches claim 6, wherein further comprising utilizing said
part of the information during a certificate issuance procedure after the authentication in 
a visited network by the user equipment (figures 10-11 show mobile authenticating with
AAA and P#186 discusses use of certificate issuance via certificate authority. The
examiner notes it is well known in the art to first authenticate someone before allowing 
moving forward with a process/procedure, eg. issuing a certificate ). 

As per claims 10 and 16, Tsuda teaches claim 6/15, wherein transmitting in said 
part of the information at least an address of a network node via which the service is 
provided (figure 1 shows the user roaming from home Mobile IP subnet to another 
Mobile IP subnet whereby the network node address of the home agent #1011 and
foreign agents #1021 would be ascertained as the unit roams). 

As per claims 11 and 18, Tsuda teaches claim 6/14, wherein transmitting in said 
part of the information at least a public key required for the service (P#186). 

As per claim 12, Tsuda teaches claim 6, wherein transmitting in said part of the 
information at least an indication of the protocol required for the service (Tsuda teaches 
using the Mobile IP protocol. Figures 12a-d show the packet layout). 

As per claims 13 and 17 , Tsuda teaches claim 6/14, further comprising said part 
of the information includes at least the address of the certificate provisioning gateway 
(eg. AAA-F server) via which the certificate issuance service is provided, 

transmitting from the user equipment a certificate request to the certificate 
provisioning gateway (figure 10 shows the overall authentication from the mobile user 
#1010 to visited AAA-F and home AAA servers via the Foreign Agent. Certificate 
issuance is supported by Tsuda, see P#186). 



As per claim 15, Tsuda teaches claim 14, wherein transmitting the message and
the reply message in an integrity protected channel (P#135).

As per claim 17, Tsuda teaches claim 16, further comprising transmitting from
the user equipment a certificate request to the network node (P#186).

As per claim 19, Tsuda teaches claim 15, wherein transmitting in said part of the 
information at least an indication of the protocol required for the certificate issuance 
service (Tsuda teaches Mobile IP and packet layouts, see figures 12a-d. IP Headers 
inherently use a field to indicate the type of protocol and service). 

As per claim 20, Tsuda teaches claim 11, wherein further comprising configuring
the message to relate to a certificate issuance service (P#186). 

As per claim 29, Tsuda teaches claim 28, wherein the certificate provisioning 
gateway is in a visited network (figure 1 shows a home network #1001 and 
visited/foreign network #1002 and AAA-H and AAA-F servers/certificate gateways ). 

As per claim 31, Tsuda teaches claim 30, wherein the user equipment (UE) is 
arranged to receive said part of the information from a certificate authority with which 
the user equipment was authenticated, the certificate authority being in a home network 
(figure 10 shows authentication as user roams whereby the process includes links from 
mobile to foreign agent, to AAA-F, to AAA-H concluding at the Home Agent, whereby 
the AAA-H and home agent can be interpreted as network nodes in the home network. 
The AAA-F and AAA-H servers can be interpreted as certificate authorities ). 

As per claims 32-36, the combo teaches claim 28, but is silent on wherein the 
certificate provisioning gateway is configured, in response to receiving in the message 
further an address of a certificate provisioning gateway, to check whether or not the 
address which the message indicated corresponds to the address determined on the 
basis of the location information; and if they do not correspond to each other, to select 
the address determined on the basis of the location information OR to use the
maintained location information if it does not correspond to the location information in
the message OR to send an error indication.

Application/Control Number: 10/705,396
Art Unit: 2617

Tsuda teaches a user roaming among home/foreign networks while Kim teaches 
location determination and Lee teaches automatic updates for the user regarding 
network information as said user roams. Hence, while one skilled expects that Lee's 
teachings would always correctly correlate the address in the message to the location 
information, it is possible for it to be incorrect and thus either send an error or select 
which one is thought to be right. 

The examiner takes Official Notice that one skilled would need to decide the 
correct user's location if there is a discrepancy and/or send an error message. 

It would have been obvious to one skilled in the art at the time of the invention to 
modify the combo, such that the address is correlated to the location, to provide means 
for determining if the address of the CA is wrong and/or if a discrepancy exists and 
which address to use. 

As per claim 37, the combo teaches claim 1, but is silent on wherein a
certificate authority is a trusted third party. 

The examiner takes Official Notice that a certificate authority is typically 
considered a trusted third party since it is not the sender or receiver, but rather an entity 
in between which is known (and trusted) by both parties.

It would have been obvious to one skilled in the art at the time of the invention to 
modify the combo, such that a CA is a trusted third party, to provide means for the two 
parties to communicate via a third entity that is trusted by both. 

As per claim 38, the combo teaches claim 1, but is silent on wherein a
certificate authority is a trusted third party and does not include an authorization, 
authentication and accounting server. 

The examiner takes official notice that a certificate authority is sometimes used in 
a situation where an AAA server is (or has not been) used/contacted. 

It would have been obvious to one skilled in the art at the time of the invention to
modify the combo, such that a CA does not use the AAA, to provide means for not 
requiring need for services from an AAA server when the user has previously been 
authenticated within the roamed network(s), eg. during initial registration. 



Claims 5, 9, 23 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Tsuda/Kim/Lee and further in view of Sandhu et al. US 2002/0145561.

As per claim 5, Tsuda teaches claim 4 but is silent on wherein receiving in the 
message from the subscriber user equipment further a global cell identifier which 
indicates the subscribers location information. 

Kim teaches "FIG. 5 illustrates a base station system parameter database mounted on the 
home-zone service center 170. As shown in the drawing, the base station system parameter 
database stores every base station's inherent ID (Bts id), location information of each base 
station like latitude and longitude, information about each sector like angle, system delay, and 
service range (angle, s_delay, svc_ran), exception range (exp_ran), change filed (change) and so 
forth." (P#40). The examiner interprets the BTS-ID as being the Global Cell-ID. 

It would have been obvious to one skilled in the art at the time of the invention to 
modify Tsuda, such that the message contains a global cell identifier which indicates the 
subscriber's location information, to provide means for utilizing the user's location to 
assist with the authentication process to quickly identify which area the user has 
roamed to and what services may be available there. 

As per claim 9, Tsuda teaches claim 6 but is silent on further comprising 
transmitting in said part of the information as location network specific information. 

Tsuda teaches an elaborate process whereby a user can authenticate with 
foreign/home AAA servers for services as they roam (see figures 10-11). 

Kim teaches ". . .FIG. 5 illustrates a base station system parameter database mounted on 
the home-zone service center 170. As shown in the drawing, the base station system parameter 
database stores every base station's inherent ID (Bts id), location information of each base
station like latitude and longitude,..". (P#40) which shows that the location of each BTS is 
known (eg based on LAT/LONG) and would provide Tsuda with the location of the 
foreign agent/access router's location and hence, the location of the mobile unit it is 
communicating with. 

Sandhu teaches "A method and system whereby two mobile units can locate each other 
is presented. The mobile unit regularly obtains its location through a location-determining 
technology (e.g., GPS) and sends the location to a service provider computer. The service
provider computer maintains a database of the current location of all the mobile units, and 
provides the location of mobile units to each of the mobile units." (Abstract). 
It would have been obvious to one skilled in the art at the time of the invention to modify 
Tsuda, such that said part of the information is location network specific information, to 
provide means for the system to understand where the mobile unit is located and 
provide services as requested by the user for that location and charge accordingly. 

As per claim 23, Tsuda teaches claim 21 further comprising a gateway network 
for certificate requests in a home network of the user equipment, the gateway network 
being configured to perform the certificate provisioning gateway address determination 
(figures 1 and 10 show the operation for a roaming mobile IP user to access 
home/foreign networks and access network nodes/gateways (eg. access points/routers, 
or agents) whereby mobile IP will provide the address of said network node/gateway. 
Tsuda teaches using certificates from a certificate authority - paragraph P#186). 



Allowable Subject Matter 

Claims 2-3 and 24-26 objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Stephen M. D'Agosta whose telephone number is
571-272-7862. The examiner can normally be reached on M-F, 8am to 5pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bill Trost can be reached on 571-272-7872. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




